Design and Implementation of Views: Isolated Perspectives of a File System

Abstract

We present Views, a file system architecture that provides isolation between system components for the purposes of access control, regulatory compliance, and sandboxing. Views allows for discrete I/O entities, such as users, groups, or processes, to have a logically complete yet fully isolated perspective (view) of the file system. This ensures that each entity’s file system activities only modify that entity’s view of the file system, but in a transparent fashion that does not limit or restrict the entity’s functionality. Views can therefore be used to monitor system activity based on user accounts for access control (as required by federal regulations such as HIPAA), provide a reliable sandbox for arbitrary applications without inducing any noticeable loss in performance, and enable traditional snapshotting functionality by manipulating and transplanting views as snapshots in time. Views’ architecture is designed to be file system independent, extremely easy to use and manage, and flexible in defining isolation and sharing polices. Our implementation of Views is built on ext3cow, which additionally provides versioning capabilities to all entities. Benchmarking results show that the performance of Views is nearly identical to other traditional file systems such as ext3.